By Diarmuid Gill
Source: www.criteo.com, February 2020


“That’s great, it starts with an earthquake.” – REM

Ever since Google announced that it would deprecate third-party cookies within Chrome in two years’ time, I’ve had REM’s apocalyptic-themed hit “It’s the End of the World as We Know It” running through my head. Not because I truly think the end is near, but because the announcement sparked panicked conversations around a “Cookie Apocalypse” that could destroy digital advertising and threaten the future of the open internet itself.

The truth is that Google had already flagged as far back as August 2019 that they were planning to make these changes. That’s why this really is not much of an earthquake. What I think is more of a shock is that there’s such a lack of consistency in the answers across the industry about why the transition is happening in the first place and what it signifies.

The fact that the changes are two years away, with a lot more detail still to be defined, is not helping with the confusion. I want to dispel a few of those Cookie Apocalypse rumours by sharing three truths I’ve seen misconstrued out there in cyberspace.

Truth #1: Not all cookies are going away

Google’s announcement only affects third-party cookies, so first-party cookies will be alive and well long after the two-year mark.

First-party cookies are those sent to a browser from the site visited by a user. They help advertisers, retailers, and publishers understand their customers and deliver the best user experiences on their own sites.

A modern website blends content from different sources. For instance, news and weather may come from third-party providers. These websites work with technology partners to help them deliver relevant advertising showing products and services the end users are more likely to be interested in. And so, enter third-party cookies, which help recognise users across different websites in order to understand and personalise their experiences by serving them relevant content and advertising with pertinent recommendations.

The removal of those third-party cookies will have unintended consequences. For instance, features such as single-sign-on (SSO) in many forms will no longer work, so you may not be able to use your social media accounts to seamlessly login across multiple sites. The advertising industry will also be taking a step back in terms of attribution, meaning advertisers won’t be able to track ROI and might find it hard to justify investment in media not linking to a sale—or conversion in marketing speak.

We’ll be back in the days of guesswork over pinpoint precision, almost as if we were living in times when retail pioneer John Wanamaker was reported to have said “half the money I spend on advertising is wasted; the trouble is I don’t know which half.”

At this point, we have more questions than answers, as a workable solution to those issues has yet to be discussed in the community.

Truth #2: Advertising on the open internet may be imperfect, but it is much more private than you think

In Google’s announcement blog post, author and director of Chrome engineering, Justin Schuh, argues that removing third-party cookies is intended to “build a more private web.” Not so fast.

Third-party cookies, in fact, do not reveal personally identifiable information (PII) to outside parties against a user’s will. In practice, users on the open internet are identified via a random identifier and their PII is hashed or encrypted, so that advertising and tech partners can only access unspecified users’ interests and behaviours. The exception to this anonymity is found within walled gardens, which collect and store personal information such as personal connections and friends, search and purchase history, and even political views.

In theory, this personal data should remain confined within each single internet giant, essentially compartmentalising the internet. That said, third-party cookies are by no means a perfect solution. For instance, consent is hard to manage for websites and users have less visibility over what data is stored and have less control on how they share their information. It is for these reasons that change is welcomed by those of us who value user privacy.

Truth # 3: A transparent and fair advertising industry is essential for the open internet

Personalised experiences not only drive value for users by seeing ads that are relevant for them, but for society as a whole. This is because relevant experiences drive revenues that fund the open internet, where people enjoy content and services for free. In fact, research from OKO Digital shows that publisher ad revenues on Safari (where third-party cookies are already blocked) are about half of what they are on Chrome, where third-party cookies are still accepted.

Google’s own data shows a 62% median decline in publishers’ revenues. This will primarily hurt those publishers or businesses who cannot rely on a strong logged-in user base. Many of them will not be able to compensate advertising revenue losses with subscriptions and may have to shut down, which could cause a major drop in independent content providers on the open internet. If in the future a significant portion of the web becomes subscription-based, it will restrict access to large parts of the internet population.

This has huge implications —not only in the advertising industry — but for free press on the web. As an Irishman living in Paris, I regularly check many sources to stay on top of the craic (a little Irish lingo for you) and what else is happening back home. These include sites like The Irish TimesJournal.ieRTE, and the Irish Independent. All of these sites are advertising funded. Losing any of those credible sources means losing critical voices that help me build an informed opinion about current events. Having access to a variety of news and opinions is extremely vital, especially at a time when many news sources online have become either very biased or provide content of questionable quality.

Another unintended consequence might be that after this transition, more advertisers may turn to walled gardens simply because they think it’s easier to address audiences. If this happens, prices will rise on those platforms due to the increased demand and will drop elsewhere (as overall budgets are unlikely to increase). In addition to the loss in revenue for independent publishers, advertisers may also see a dramatic decrease in their return on ad spend and increased dependency on a few large players.

What does this mean for Criteo and our clients?

At Criteo, we’ve already been preparing by adapting our products to help clients through these changes and developing new offerings to stay ahead of the transition and ensure the continued success of our clients.

As we move forward, we ensure these adaptations are made with the future changes in mind, moving towards independence from the third-party cookie technology. We’ve always been proud to develop our solutions in privacy-by-design ways that operate strictly under the consent of the user, never storing PII.

Our Shopper Graph contains deep insights from the USD 900 billion worth of e-commerce transactions that we observe annually across our network of 20,000 clients. Our network of over 4,500 directly connected publishers means Criteo is uniquely placed to connect the demand and supply sides of the open internet ecosystem. These direct connections with publishers and retailers provide us access to a large first-party data footprint to allow our clients to address very large, unique commerce audiences with personalised recommendations to shoppers.

We know that identity is multi-faceted and our dataset, including the Shopper Graph, operates across several layers. We have an unmatched ID graph with a significant amount of non-cookie identifiers in it. This data is incredibly valuable to big brands who lack first-hand information on who is buying their products, for the marketers who want to reach their audiences, and as well as for the user, who wants to receive relevant ads.

All of this data helps drive our world-class AI at scale, allowing us to analyse intent signals across a variety of sources. Our Retail Media platform helps retailers manage and monetise their onsite supply, with Criteo’s technology being utilised in a first-party context. In parallel, we are moving up the funnel to target new audiences as well as channels such as mobile apps, video and connected TV.

Furthermore, our audience-based targeting capabilities are already in use in our consideration solutions. Our flexible bidder, which we seamlessly adapted to header bidding and first-price auctions, can bid on website context, LiveRamp IDLs and many other data points. Criteo is a privacy-by-design company and we will continue to augment our solutions with our unique assets, our deep-rooted AI expertise, our partners, and our network of retailers, brands and publishers. This is how we’ll continue to deliver trusted and impactful advertising in ways that benefit all industry players, as well as consumers. In other words, we’ve got you covered.

So, how can we build  a more privacy-protected internet?

The short answer is — we can build it together.

One thing that the entire industry (even Google) agrees on is that collaboration is going to be necessary during this transition. While it may seem like removing third-party cookies from Chrome gives Google (and walled gardens) more power — that’s only true if we as an ecosystem let it happen.

At Criteo, we see a new world coming and we fully embrace it. We believe the industry is long overdue in replacing cookies for personalised ad targeting on the web, and we very much welcome concerted industry efforts to evolve beyond cookies in privacy-safe ways. In an ideal world, we would all work together to share a common universal ID that drives relevant advertising and product recommendations and fuels the open internet.

Since this ID would also need to drive multi-touch attribution, it couldn’t come from one walled garden or browser. It could come from a standards-based organisation such as the World Wide Web Consortium (W3C), the Media Rating Council (MRC), the Interactive Advertising Bureau (IAB), or other governing party.

It also must involve the marketers – it’s their money we’re talking about after all. We favour a solution that is fully transparent for users, where they own their data and where it’s seamless for them to opt in and out, see their history, and customise their experiences.

We believe this change will allow advertisers, retailers, and publishers to take control from web browsers and better own and understand their customers with a long-term, privacy-driven solution. This would continue to fund the open internet, keeping services free and available to users and let them decide rather than having a choice be forced on them by a third party with biased interest.

None of this vision will be possible without cross-industry collaboration. There may still be many details yet to unfold, but given the passion, intelligence, and innovative thinking that I’ve seen in our team and in the whole ecosystem, I’m not worried. As the song says, while it may be “the end of the world as we know it,” I see the opportunity and the potential for something better ahead — and I feel fine.

Diarmuid Gill

Diarmuid is our CTO, having joined Criteo in 2014. He is in charge of managing Criteo’s R&D teams in Europe and the US, delivering on their mission of providing high performance AI powered advertising at scale. Hailing from Cavan in Ireland, he has an honours degree in Electronic Engineering (1994) and a First-class honours MBA (2014), both from Dublin City University. Previously he worked for General Electric, IONA Software, ICL Fujitsu and AOL.